Millions of websites may have been leaking critically sensitive data for the past two years, thanks to a devastating flaw in the OpenSSL software many sites use to encrypt and transmit data.
Security researchers say the bug, which affects software used by two out of every three web servers, made personal info vulnerable to attackers.
The Heartbleed bug, as it’s called by the researchers who discovered it, would let anyone on the Internet get into a supposedly secure web server running certain versions of OpenSSL and scoop up the site’s encryption keys, user passwords and site content.
